Detailed Action

This office action is in response to the amendment received on November 7, 2005.

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-146 and 148-149 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Mittra (US Pat No: US005748736A) in view of He et al (US Pat No:
US006088451A), hereafter referred to as Mittra and He, respectively.

1. With regards to claims 1, 16, 28, 40, 61, 68, 75, 78, 87, 99, 113, 122 and 145,
Mittra teaches through He, a communication system comprising: 

• a plurality of multicast devices forming a shared multicast distribution tree; 

• a host device; 

• a key server; and 

• a designated device, separate from the key server, through which the host 
device requests access to the shared tree associated with a group, wherein: 

• the host device obtains access information from the key server for the host 
device to enable the host device to request access the shared tree associated
with the group, the access information including authentication information
unique to the host device/group pair; 

• the designated device obtains the access information associated with the host 
device/group pair from the key server for enabling the host device to access 
the shared tree; 

• the host device sends an access control message to the designated device to 
join the shared tree; and 

• the designated device uses the access information to authenticate the host 
device before adding the host device to the shared tree. 

(A communication system is able to be a method, apparatus, 
communication message and computer program. Mittra discloses a multicast 
network wherein; any member of the multicast network may be a sender or a 
receiver (column 4, lines 5-19). There exists a device in Mittra's design (the 
GSC) that maintains group membership information and hence authenticates 
hosts and receivers in the multicast network (column 7, line 64 - column 8, line 
10). In addition, Mittra discloses that if desired, separate key distribution centers 
(KDC, equivalent to the claimed key server) are also usable (column 4, lines 53-54,
Mittra). Furthermore, authentication for each host device must be unique as
claimed. This is because to each host, the number of clients available and 
eligible is different. And the same authentication cannot be applied for each 
client. This is because certificates apply public key cryptographic algorithms and 
public key algorithms require unique data for each user to be authenticated.
Hence, the authentication information for each client must be different as
claimed. Plus, Mittra's design allows the network to be a tree architecture 
(column 6, lines 1-19). Furthermore, the process of host authentication in 
networks (including multicast networks) is a standard set by the IGMP version 2 
protocol. Furthermore, Mittra's disclosure expresses the methods by which 
devices may request and gain access to a multicast network by communicating 
(sending and receiving of data by the devices) with an authentication host (the 
GSC). Finally, Mittra's disclosure teaches that certificates expire and new ones 
are created and sent with messages (column 11, lines 39-42, Mittra) (expiration 
of certificates is equivalent to the key expiration date of claim 145). It is obvious 
that since the certificate expiration is noticed and new certificates are sent, that 
the claimed access information comprising expiration date information is also 
present within Mittra's design. While, Mittra discloses a design with a device (the 
GSC) that functions as an authentication device as well as an access device, 
Mittra does not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how 
the concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)).

2. With regards to claim 2, Mittra teaches through He, a communication system
wherein the key server includes logic for authenticating the host device and 
generating the access information for the host device to access the shared tree 

(Servers are simply devices that are able to fulfill requests made by client 
machines. Mittra's design contains GSCs which act as servers. It is with the 
GSC that members of the multicast network (including the hosts) authenticate 
themselves with keys (column 7, line 64 - column 8, line 10). Since 
authentication occurs, it is obvious that the logic to do so is present as well, as 
claimed. While, Mittra discloses a design with a device (the GSC) that functions 
as an authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)).

3. With regards to claims 3, 20, 64 and 71, Mittra teaches through He, a
communication system wherein the key server provides the access information 
to the host device over a secure communication channel 

(A communication system is able to be a method, computer program and 
an apparatus. The network of Mittra's design uses secure channels (column 8, 
lines 3-10). While, Mittra discloses a design with a device (the GSC) that 
functions as an authentication device as well as an access device, Mittra does 
not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

4. With regards to claims 4, 23, 65 and 72, Mittra teaches through He, a 
communication system wherein the key server provides the access information 
to the designated device using a unicast distribution mechanism 

(A communication system is able to be a method, computer program and 
an apparatus. Mittra's design allows for both unicast and multicast (column 6, 
lines 1-19). While, Mittra discloses a design with a device (the GSC) that
functions as an authentication device as well as an access device, Mittra does
not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

5. With regards to claims 5, 24, 66 and 73, Mittra teaches through He, a
communication system wherein the key server provides the access information
to the designated device using a multicast distribution mechanism 

(A communication system is able to be a method, computer program and 
an apparatus. Mittra's design allows for both unicast and multicast (column 6, 
lines 1-19). While, Mittra discloses a design with a device (the GSC) that 
functions as an authentication device as well as an access device, Mittra does 
not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He,
to provide the necessary security mechanisms that can effectively control access
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

6. With regards to claims 6, 25, 67 and 74, Mittra teaches through He, a
communication system wherein the key server provides the access information
to the designated device using a broadcast distribution mechanism 

(A communication system is able to be a method, computer program and 
an apparatus. Mittra's design allows for multicast networks (column 6, lines 1-19),
which is a broadcast network. Furthermore, Mittra discloses that any
network may be used for the design (column 4, lines 60-61). While, Mittra 
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)).

7. With regards to claims 7 and 26, Mittra teaches through He, a communication
system wherein the designated device requests the access information from the 
key server upon receiving the access control message 

(A communication system is a method. A device that requires 
authentication will need authentication with the key server (GSC) and hence the 
two must communicate with each other (column 8, lines 3-14). While, Mittra
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

8. With regards to claim 8, Mittra teaches through He, a communication system 
wherein the key server provides the access information to the plurality of 
multicast devices forming the shared tree 

(The GSC (key server) of Mittra's design maintains all the group 
membership information (column 7, line 64 - column 8, line 2). While, Mittra
discloses a design with a device (the GSC) that functions as an authentication
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

9. With regards to claims 9, 17, 29, 36, 37, 46, 62, 69, 76, 83, 84, 88, 96, 106, 129, 
146, and 148, Mittra teaches through He, a communication system wherein the 
access information comprises: a token identifier; and an authentication key 
(A communication system is able to be a method, computer program, 
communication message and an apparatus. Mittra's design performs 
authentication (column 8, lines 3-10). During authentication, the access 
information must contain an id of some form to distinguish it; hence a token 
identifier must be present. Mittra discloses the use of a member id that is 
equivalent to the claimed token identifier (column 7, lines 52-54). In addition, 
authentication keys are present in Mittra's design. While, Mittra discloses a
design with a device (the GSC) that functions as an authentication device as well
as an access device, Mittra does not teach physically independent authentication
and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

10. With regards to claims 10, 30, 47, 77, 89, 95, 107 and 130, Mittra teaches 
through He, a communication system wherein the access control message 
comprises the token identifier 

(A communication system is able to be a method, computer program, 
communication message and an apparatus. Mittra's design performs 
authentication (column 8, lines 3-10). During authentication, the access 
information must contain an id of some form to distinguish it; hence a token 
identifier must be present. Mittra discloses the use of a member id that is 
equivalent to the claimed token identifier (column 7, lines 52-54). While, Mittra 
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices.

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

11. With regards to claims 11, 38, 85 and 97, Mittra teaches through He, a
communication system wherein the access control message is an Internet Group
Management Protocol (IGMP) join request including the token identifier 

(A communication system is able to be an apparatus, computer program 
and a method. Mittra's design performs authentication (column 8, lines 3-10). 
During authentication, the access information must contain an id of some form to 
distinguish it; hence a token identifier must be present. Mittra discloses the use of 
a member id that is equivalent to the claimed token identifier (column 7, lines 52-54).
In addition, Mittra's design allows for the use of any network (column 4,
lines 60-61) hence, any protocol that functions with the network chosen is 
acceptable. While, Mittra discloses a design with a device (the GSC) that 
functions as an authentication device as well as an access device, Mittra does 
not teach physically independent authentication and access devices.

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

12. With regards to claim 12, Mittra teaches through He, a communication system 
wherein the designated device joins the shared tree on behalf of the host device 
upon authenticating the host device 

(All devices to enter the multicast in Mittra's design must be authenticated 
since all devices are able to be receivers and senders (column 8, lines 3-10). 
While, Mittra discloses a design with a device (the GSC) that functions as an 
authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 


Application/Control Number: 09/607,007 Page 14 

Art Unit: 2145 

control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

13. With regards to claim 13, Mittra teaches through He, a communication system 
wherein the shared tree is a Protocol Independent Multicast (PIM) shared tree, 
and wherein the designated device sends a PIM join request upstream toward a 
rendezvous point device in order to join the shared tree on behalf of the host 
device upon authenticating the host device 

(Mittra's design allows for any network to be used and hence any protocol 
as well (column 4, lines 60-61). While, Mittra discloses a design with a device 
(the GSC) that functions as an authentication device as well as an access 
device, Mittra does not teach physically independent authentication and access 
devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)).

14. With regards to claims 14, 15 and 58, Mittra teaches through He, a
communication system wherein the designated device forwards the access
control message to a neighboring device upon failing to authenticate the host 
device using the access information 

(A communication system is a method. Since each member of Mittra's
multicast is both a receiver and a sender, each needs to be informed constantly
what members are present. Otherwise, the multicast would be unable to
distribute data properly. While, Mittra discloses a design with a device (the GSC) 
that functions as an authentication device as well as an access device, Mittra 
does not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

15. With regards to claims 18, 48, 50, 108 and 131, Mittra teaches through He, a 
method wherein the access information further comprises an expiration date for 
the authentication key

(A computer program, apparatus and communication message are able to
be methods. Mittra's design uses authentication (column 8, lines 3-10). For an 
authentication key to function properly, it obviously must possess an expiration 
method of some form. While, Mittra discloses a design with a device (the GSC) 
that functions as an authentication device as well as an access device, Mittra 
does not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

16. With regards to claim 19, Mittra teaches through He, a method wherein the 
access information further comprises a public key 

(The access information is used during authentication. During 
authentication, keys (no limitation was made on what type of key) are used 
between the two authenticating parties (column 8, lines 3-10). While, Mittra 
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices.

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

17. With regards to claim 21, Mittra teaches through He, a method wherein the 
communication message is a group key management communication message 

(The authentication process occurs between a device and the GSC in 
Mittra's design (column 8, lines 3-10). The GSC maintains group key 
management and hence the communication message is a group key 
management communication message. While, Mittra discloses a design with a 
device (the GSC) that functions as an authentication device as well as an access 
device, Mittra does not teach physically independent authentication and access 
devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access
to network elements and hence protect network resources and information
(column 1, lines 55-59, He)). 

18. With regards to claim 22, Mittra teaches through He, a method wherein sending 
the access information to the designated device for the host device comprises: 
sending a communication message including the access information to the 
designated device over a secure communication channel (Mittra's design uses
secure channels (column 8, line 3)).

19. With regards to claims 27 and 109, Mittra teaches through He, a method wherein 
the access token comprises: a group identifier for identifying a multicast group;
a host identifier for identifying the host device; a token identifier for identifying
the access token; an authentication key for the host device; an expiration date 
for the authentication key; a server identifier for identifying a key server; and a 
public key for the key server 

(An apparatus is able to be a method. Mittra's design performs 
authentication (column 8, lines 3-10). During authentication, the access 
information must contain ids of some form to distinguish it; hence a token 
identifier along with ids for other parameters must be present. Mittra discloses 
the use of a member id that is equivalent to the claimed token identifier (column 
7, lines 52-54). In addition, it is disclosed that keys are used and hence that 
must be within the access token as well to properly fulfill the authentication
process (column 8, lines 3-10). While, Mittra discloses a design with a device
(the GSC) that functions as an authentication device as well as an access 
device, Mittra does not teach physically independent authentication and access 
devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed 
(Figure 2, He). Hence, it would have been obvious to one skilled in the art, 
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)). 

20. With regards to claims 31 and 90, Mittra teaches through He, a method further 
comprising: generating authentication information using the access information; 
and sending the authentication information to the designated device 

(A computer program is a method. Mittra's design performs authentication 
(column 8, lines 3-10). During authentication, the claimed steps must be 
performed. While, Mittra discloses a design with a device (the GSC) that 
functions as an authentication device as well as an access device, Mittra does 
not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed
(Figure 2, He). Hence, it would have been obvious to one skilled in the art,
during the time of the invention, to have combined the teachings of Mittra with 
those of He, to provide the necessary security mechanisms that can effectively 
control access to network elements and hence protect network resources and 
information (column 1, lines 55-59, He)).

21. With regards to claims 32, 53, 79, 91, 114 and 137, Mittra teaches through He, a 
method wherein generating the authentication information using the access 
information comprises generating a digital signature using the access 
information and a predetermined digital signature scheme 

(An apparatus and computer program are able to be a method. Mittra's 
design has authentication means (column 8, lines 3-10). In authentication, it is 
very common to use digital signature schemes and hashes. Mittra provides no
limitation as to what form of authentication to perform. While, Mittra discloses a
design with a device (the GSC) that functions as an authentication device as well 
as an access device, Mittra does not teach physically independent authentication 
and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access
to network elements and hence protect network resources and information
(column 1, lines 55-59, He)). 

22. With regards to claims 33, 54, 80, 92, 115 and 138, Mittra teaches through He, a 
method wherein the predetermined digital signature scheme comprises a keyed 
hash function 

(An apparatus and computer program are able to be a method. Mittra's 
design has authentication means (column 8, lines 3-10). In authentication, it is 
very common to use digital signature schemes and hashes. Mittra provides no
limitation as to what form of authentication to perform. While, Mittra discloses a
design with a device (the GSC) that functions as an authentication device as well 
as an access device, Mittra does not teach physically independent authentication 
and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)).

23. With regards to claims 34, 55, 81, 93, 116 and 139, Mittra teaches through He, a
method wherein the keyed hash function comprises IPsec AH with HMAC-MD5

(An apparatus and computer program are able to be a method. Mittra's 
design has authentication means (column 8, lines 3-10). In authentication, it is 
very common to use digital signature schemes and hashes. Mittra provides no
limitation as to what form of authentication to perform. While, Mittra discloses a
design with a device (the GSC) that functions as an authentication device as well 
as an access device, Mittra does not teach physically independent authentication 
and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

24. With regards to claims 35, 56, 82, 94, 117 and 140, Mittra discloses through He, 
a method wherein the keyed hash function comprises Ipsec AH with HMAC- 
SHA1 

(An apparatus and computer program are able to be a method. Mittra's 
design has authentication means (column 8, lines 3-10). In authentication, it is 
very common to use digital signature schemes and hashes. Mittra as to what
form of authentication to perform provides no limitation. While, Mittra discloses a 
design with a device (the GSC) that functions as an authentication device as well 
as an access device, Mittra does not teach physically independent authentication 
and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

25. With regards to claims 39, 86, 98, 121 and 144, Mittra teaches through He, a 
method further comprising: establishing a security agreement with the 
designated device using the access information 

(An apparatus and computer program are able to be a method. Mittra's 
design uses secure communication (column 4, lines 5-19). Security agreements 
must be set during secure communication. While, Mittra discloses a design with 
a device (the GSC) that functions as an authentication device as well as an 
access device, Mittra does not teach physically independent authentication and
access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

26. With regards to claims 41 and 123, Mittra teaches through He, a method further 
comprising: obtaining the access information for the host device 

(A computer program is a method. Mittra's design performs authenticating 
between devices and the GSC (column 4, lines 5-19) (column 8, lines 3-10). 
During the authentication process the obtaining of the access information as 
claimed must be performed. While, Mittra discloses a design with a device (the 
GSC) that functions as an authentication device as well as an access device, 
Mittra does not teach physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information
(column 1, lines 55-59, He)). 


27. With regards to claims 42, 43, 100, 101, 102, 124 and 125, Mittra teaches 
through He, a method wherein obtaining the access information for the host 
device comprises: receiving the access information from an access information 
server prior to receiving the access control message from the host device 

(An apparatus and computer program are methods. Mittra's design has a 
GSC that maintains information about the access and authentication information 
regarding all the devices within the network (column 7, line 64 - column 8, line 
2). No limitation was set regarding when data would be obtained by the GSC. 
While, Mittra discloses a design with a device (the GSC) that functions as an 
authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

28. With regards to claims 44, 45, 57, 103, 104, 105, 118, 119, 126, 127, 128, 133,
134, 141 and 142, Mittra teaches through He, a method wherein determining 
whether the host device is authorized to access the shared tree comprises: 
maintaining an access information database; searching the access information 
database for the access information for the host device; failing to find the access 
information for the host device in the access information database; and 
determining that the host device is not authorized to access the shared tree 

(An apparatus is a method. Authentication is performed by Mittra's design 
(column 8, lines 3-10). In addition, all the steps claimed are normal during
authentication. Furthermore, the GSC in Mittra's design handles all the group
information as claimed (column 7, line 54 - column 8, line 2). While, Mittra 
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure
2, He). Hence, it would have been obvious to one skilled in the art, during the
time of the invention, to have combined the teachings of Mittra with those of He,
to provide the necessary security mechanisms that can effectively control access
to network elements and hence protect network resources and information
(column 1, lines 55-59, He)).

29. With regards to claims 49, 51, 110, 111, 120, 132, 135, 136 and 143, Mittra
teaches through He, a method wherein determining whether the host device is 
authorized to access the shared tree comprises: determining that the 
authentication key has expired based upon the expiration date for the 
authentication key; and determining that the host device is not authorized to 
access the shared tree; authenticating the host device using the access 
information and a predetermined authentication scheme; and determining 
whether the host device is authorized to access the shared tree based upon 
authenticating the host device using the access information and the 
predetermined authentication scheme 

(An apparatus is able to be a method. The claimed steps are known steps 
during authentication that must be performed. Mittra's design performs 
authentication (column 8, lines 3-10). In addition, Mittra's design further allows
for the network to be of a tree form (column 4, lines 20-25). While, Mittra 
discloses a design with a device (the GSC) that functions as an authentication 
device as well as an access device, Mittra does not teach physically independent 
authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the
time of the invention, to have combined the teachings of Mittra with those of He,
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information
(column 1, lines 55-59, He)). 

30. With regards to claims 52 and 112, Mittra teaches through He, a method wherein 
authenticating the host device using the access information and the 
predetermined authentication scheme comprises: receiving authentication 
information from the host device; and authenticating the host device based upon 
the access information and the authentication information received from the host 
device 

(An apparatus is able to be a method. Mittra's design performs 
authentication (column 8, lines 3-10). In addition, the steps claimed, must occur 
for the authentication process to function properly. While, Mittra discloses a 
design with a device (the GSC) that functions as an authentication device as well 
as an access device, Mittra does not teach physically independent authentication 
and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

31. With regards to claim 59, Mittra teaches through He, a method wherein
determining whether the host device is authorized to access the shared tree 
based upon authenticating the host device using the access information and the 
predetermined authentication scheme comprises: determining that 
authentication succeeded; and determining that the host device is authorized to 
access the shared tree 

(Mittra's design performs authentication (column 8, lines 3-10). In 
addition, the steps claimed, must occur for the authentication process to function 
properly. While, Mittra discloses a design with a device (the GSC) that functions 
as an authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

32. With regards to claim 60, Mittra teaches through He, a method further 
comprising: establishing a security association with the host device using the 
access information upon determining that the host device is authorized to access
the shared tree 

(Mittra's design performs authentication (column 8, lines 3-10). In 
addition, the steps claimed, must occur for the authentication process to function 
properly. While, Mittra discloses a design with a device (the GSC) that functions 
as an authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

33. With regards to claims 63, 70 and 149, Mittra teaches through He, an apparatus 
wherein the access token comprises: a group identifier for identifying a multicast 
group; a host identifier for identifying the host device; a token identifier for 
identifying the access token; an authentication key for the host device; an 
expiration date for the authentication key; a server identifier for identifying a key 
server; and a public key for a key server 

(A communication system and a communication message are able to be a
method, computer program and an apparatus. Mittra's design performs 
authentication (column 8, lines 3-10). During authentication, the access 
information must contain ids of some form to distinguish it; hence a token 
identifier along with other identifiers must be present. The presence of identifiers 
is obvious due to the fact that data is being transferred in between multiple 
devices and for a variety of reasons. The only way to ensure that such 
processes function properly is to possess all the identifiers claimed. 
Furthermore, Mittra discloses the use of a member id that is equivalent to the 
claimed token identifier (column 7, lines 52-54). In addition, keys are present in 
Mittra's design (column 8, lines 3-10). And, for an authentication to function 
properly, it obviously must possess an expiration method of some form. While, 
Mittra discloses a design with a device (the GSC) that functions as an 
authentication device as well as an access device, Mittra does not teach 
physically independent authentication and access devices. 

He teaches a network access design. Within the design, He teaches how the 
concept of physically separate authentication and access devices existed (Figure 
2, He). Hence, it would have been obvious to one skilled in the art, during the 
time of the invention, to have combined the teachings of Mittra with those of He, 
to provide the necessary security mechanisms that can effectively control access 
to network elements and hence protect network resources and information 
(column 1, lines 55-59, He)). 

Remarks

The amendment received November 7, 2005 has been carefully reviewed, 
but is not deemed fully persuasive. The following paragraphs address the concerns 
expressed in the amendment. 

The first issue of contention continues to involve the issue of having a key server 
separate from the access device. In response to this concern, the examiner has 
changed his grounds of rejection and has included the He art to illustrate how network 
designs with independent authentication and access devices were known in the art. 

As for the second issue of contention involving "authentication information unique 
to the host device/group pair," this is also disagreed upon. Mittra discloses that if 
desired, separate key distribution centers (KDC, equivalent to the claimed key server) 
are also usable (column 4, lines 53-54, Mittra). Furthermore, authentication for each 
host device obviously must be unique as claimed. This is because to each host, the 
number of clients available and eligible is different. And the same authentication cannot 
be applied for each client. This is because certificates apply public key cryptographic 
algorithms and public key algorithms require unique data for each user to be 
authenticated. Hence, the authentication information for each client must be different as 
claimed. 


Conclusion 
Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Azizul Choudhury whose telephone number is (571) 
272-3909. The examiner can normally be reached on M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jason Cardone can be reached on (571) 272-3933. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Status information for unpublished applications is available through Private PAIR only.
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
AC



SUPERVISORY PATENT EXAMINER 


